Essential PHP Security Is Finished!
10 Sep 2005
A little over a month ago, I finally finished writing Essential PHP Security, a guide to secure PHP programming that I've been working on in my spare time for quite a while.
I'm really happy with the results. The people at O'Reilly have been great to work with, and I was lucky enough to have some of the best technical reviewers an author could ask for (Adam, David, George, and John). The result is a lean 150 page guide that covers what I feel are the most important topics with which a PHP developer should be familiar.
The book is due to be published in October (in time for the Zend PHP Conference and Expo), but you can buy it from Amazon today. As Adam jokingly suggests in his infamous email signature, "avoid the holiday rush - buy your copy today!"
I focus on Apache and MySQL, but the principles apply to any platform. In fact, web developers using languages other than PHP might learn something. I hope so. :-)
Each chapter focuses on a specific category of PHP development and shows the most common and dangerous attacks associated with that category. Here is the final table of contents:
Preface
Foreword by Andi Gutmans
1. Introduction
PHP Features
Register Globals
Error Reporting
Principles
Defense in Depth
Least Privilege
Simple Is Beautiful
Minimize Exposure
Practices
Balance Risk and Usability
Track Data
Filter Input
Escape Output
2. Forms and URLs
Forms and Data
Semantic URL Attacks
File Upload Attacks
Cross-Site Scripting
Cross-Site Request Forgeries
Spoofed Form Submissions
Spoofed HTTP Requests
3. Databases and SQL
Exposed Access Credentials
SQL Injection
Exposed Data
4. Sessions and Cookies
Cookie Theft
Exposed Session Data
Session Fixation
Session Hijacking
5. Includes
Exposed Source Code
Backdoor URLs
Filename Manipulation
Code Injection
6. Files and Commands
Traversing the Filesystem
Remote File Risks
Command Injection
7. Authentication and Authorization
Brute Force Attacks
Password Sniffing
Replay Attacks
Persistent Logins
8. Shared Hosting
Exposed Source Code
Exposed Session Data
Session Injection
Filesystem Browsing
Safe Mode
A. Configuration Directives
B. Functions
C. Cryptography
I plan to launch a companion web site in time for the book's publication, where I will post code samples (I created a few utilities in order to demonstrate some attacks) and aggressively keep up with any errata that are discovered.
Now, I can finally start contributing to other things again. :-) I hope you enjoy the book, and I hope it helps.
